The present invention relates to wireless electronic data transfer, and to circuits and methods for secure wireless information transactions.
A Smartcard is a plastic card with an embedded integrated circuit computer chip (i.e., a piece of thin, semiconductor material, such as silicon) that has been chemically processed and etched with a specific set of electrical characteristics such as circuits, storage, and logic elements of smartcard elements. When coupled with a Smartcard reader, this combination has the processing power to perform the complex operations previously requiring a personal computer or other large logic device.
In the form of a credit card, a Smartcard contains a built-in semi-conductor chip. The chip memory stores payment information, e.g., account information, similar to a magnetic stripe on the back of a credit card, but may also include additional information such as issuer-defined controls (e.g., online authorization frequency requirements, floor limits, credit limit, etc.). Many smartcards issued in the United States will also include an embossed sixteen-digit account number in the magnetic stripe. The non-chip features allow the smartcard to be used at storefronts that are not equipped to interact with smart chips. Smartcards can also be contactless or wireless, meaning the smartcard transfers data to and from another Smartcard enabled device via a built-in antenna without physically touching the other Smartcard enabled device.
Smartcard chips can be categorized as either intelligent chips or memory chips. Intelligent chips, i.e., smart chips, contain a microprocessor that has various read/write capabilities (e.g., EEPROM and ROM space), and the smart chip interacts with a Smartcard reader using software applications stored on the chip. Conversely, some Smartcard memory chips lack processing capability and do not manage files dynamically. Generally, the Smartcards currently issued by bank card issuers in the United States for payment contain intelligent chips and have processing power. For example, a Smartcard could contain an access control application where the smart chip authenticates the cardholder and provides the user with access to a previously locked door or computer network. Information on the smart chip is read from a Smartcard reader, and the smart chip is designed so that some of the information stored in the smart chip cannot be changed.
A smart chip operates similarly to a personal computer, e.g., it can control the execution of the applications and it can store information. A smart chip can also lack processing power—be “dumb card.” The primary difference with a smart chip is that the operating system is programmed into the ROM portion of the chip at the time of the manufacture and generally cannot be altered. There exist several different smartcard operating systems. Between the operating system and the application is an application programming interface (“API”)—the message management process through which the operating system and the applications interact. The operating system and breadth of applications on the smart chip are not necessarily important to the merchant and card user, as long as it is an open platform that can interface with a Smartcard reader and provide payment information to the merchant's POS terminal.
Software applications on the chip are designed for security and to process transactions. Additional applications or information may be added by the issuing bank, or potentially the card holder, such as a loyalty program, a stored value application, an e-ticket program, or a secure access verification program. When the Smartcard is used to transact payment, a point of sale (“POS”) device often requires a PIN to authenticate the user. Conventional debit and ATM networks authenticate the PIN entered by the cardholder using a back-end network (e.g., the POS device contacts, directly or indirectly, the financial network of the user that corresponds to the account number stored in the smartcard. The financial network authenticates the PIN number by comparing the account number and the PIN number associated with the account number to the PIN number entered by the user) since the PIN is not stored on debit/ATM cards. Unlike an ATM transaction, in a Smartcard transaction a PIN entered by the user is authenticated by the security system resident on the chip which examines secure information stored in the chip and compares it to the entered PIN number.
According to ISO standards, a smartcard chip operates in one of two modes either in contactless mode or in contact mode. In contactless mode, a smartcard chip is enabled to send and receive wireless communications (e.g., radio signals) through a first data channel (or data channel device). In contact mode, a smartcard chip is enabled to send and receive direct contact communications (e.g., electrically coupled signals) through a second data channel. Generally, a smartcard is pre-programmed to operate in a contactless mode and contact mode in conformance with ISO standards.
For example, when using a Smartcard to purchase goods, the consumer will hand their Smartcard to a merchant and the Smartcard is inserted into a Smartcard reader. The chip contains certain contact points that line up with the Smartcard reader to transfer information. For cards that have both a magnetic stripe and the chip, the Smartcard reader may be programmed to utilize the chip technology over the magnetic stripe since the chip is more secure. If the Smartcard contains both credit and debit applications, the cardholder must first select a payment method. At this point, the smart chip and record reader communicate to determine several things, such as whether the terminal has on-line authorization capabilities, whether the card is authentic, and processing restrictions, e.g., expiration date.
The card communicates to the reader the type of risk management checks that the card issuer wants to be performed, such as the floor limit, random online processing, and a velocity check, that determines whether an on-line authorization is necessary. Next, the POS terminal requests authorization via the back-end processing network that connects to the seller's financial institution, home office, or bank (if necessary), just like magnetic stripe card. Upon approval, the Smartcard reader and the smart chip may exchange additional information such as reward points or e-coupons for the next purchase. This information is then stored on the smart chip for future use, or could be used for the current transaction.
In contactless, or wireless, Smartcard applications, information contained on the Smartcard is transferred in one direction. Information is provided to the Smartcard reader when the Smartcard is placed in close proximity to the Smartcard reader. For example, a Mobil Speedpass smartcard is waved near a gas pump (containing a reader) to permit the user to purchase gasoline from the pump. When the Speedpass is placed near the gas pump, the user's account information is wirelessly provided to a reader in the gas pump. The account information is then used for approval of and billing of a gasoline purchase that will follow.
In some applications, information is transferred between the Smartcard and the Smartcard reader. For example commuters may use a Smartcard to pay for subway or bus transit, where fares are conventionally paid at the beginning or conclusion of the metro transit. The Smartcard stores an “electronic cash” value on the card. When entering the metro the Smartcard is placed near the smart reader on a turnstile and the reader receives payment information from the Smartcard. The user provides no additional information to the Smartcard or Smartcard reader, and does not take any further action affirming the transaction. If the Smartcard has at least a predetermined amount of electronic cash, then the smart reader provides a signal to the Smartcard indicating the metro entry point and provides a signal to the turnstile, permitting the user to enter. If there are not sufficient electronic funds, then the Smartcard reader does not provide a signal to the turnstile, and therefore the user is not permitted to enter. To exit the metro at the end of the transit, the user places the Smartcard near the Smartcard reader of a turnstile. The Smartcard reader determines the fare (by reading the entry point from the Smartcard), and deducts the fare from the value of the electronic cash stored on the card. The Smartcard reader provides a signal to the turnstile permitting the user to exit.
As described above, a contactless Smartcard can be used for information transactions (e.g., subway or bus fare transit). However, there is little to ensure that the person using the contactless Smartcard is the same person who owns the Smartcard. As Smartcards are typically pre-programmed to operate in a contactless mode, the information on a smartcard is available to be read by any device capable of reading smartcards. For example, a valid subway card or Speedpass may be used by anyone in possession of the transit card/Speedpass, respectively, even though the possessor of the transit card/Speedpass may not be the owner of the transit card/Speedpass. Therefore, it would be desirable to have a contactless system that provides an increased level of security for the information contained within the Smartcard.